Tag Archives: wallet

How to Secure Your Crypto Wallet in 2024: 5 Expert Tips

How to Secure Your Crypto Wallet in 2024: 5 Expert Tips

In 2023, the value of stolen and hacked cryptocurrencies significantly decreased when compared to data from past years, a report by Chainalysis concluded.

Illicit revenue for crypto scamming fell by 29.2% and by 54.3% for hacking, aided by a sharp dropoff in decentralized finance (DeFi) hacking, which could signify that DeFi systems are improving their security practices.

However, cryptocurrency holders must also remain vigilant and proactive in securing their assets.

Here are some of the best ways how to protect your crypto wallet in 2024.

Key Takeaways

  • In 2023, crypto scamming fell by around 30% and crypto hacking by more than 50%. However, due to evolving scams and hacking techniques, individual users’ wallets are still at risk.
  • Choosing cold/hardware wallets offers users higher security measures through the offline storage of private keys, though they may be less user-friendly.
  • Keeping wallet software updated is vital for security.
  • Users should scrutinize transactions for potential scams like approval phishing.
  • Double-checking destination addresses, handling links cautiously, and verifying website domains can mitigate the risk of falling victim to scams.
  • Emerging trends like advanced encryption, biometric authentication, and smart contract integration are shaping the future of wallet security.

How to Secure Your Crypto Wallet: Experts Define 5 Crucial Steps

Despite an overall decline in cryptocurrency criminal activities, the ever-evolving nature of scams and hacking techniques means that the cryptocurrency wallets of individual users may still be at risk.

Adopting strong security measures, staying informed about the latest trends, and continuously monitoring wallets for any suspicious activity are some of the most crucial steps that digital asset holders must take to secure their cryptocurrency.

1. Choose a Cryptocurrency Wallet Wisely

Selecting the right cryptocurrency wallet is one of the most crucial steps to keep owned digital assets safe, Jeff Owens, the CEO and co-founder of Haven1, a Layer 1 blockchain engineered to address Web3 security and liquidity challenges, told Techopedia.

According to Owens, a cold/hardware wallet, similar to Ledger, is one of the most secure options users can opt for due to its feature of storing private keys offline. Additionally, such wallet types feature PIN protection and recovery seed phrases but could be a little more challenging for beginner investors to navigate.

However, other experts note that each wallet type tends to balance convenience and security differently, allowing users to choose the best wallet for them based on their security needs and abilities.

Anndy Lian, an inter-governmental blockchain expert, explained:

“Hardware wallets are generally considered more secure but less convenient, while software wallets offer ease of use but are more vulnerable to online threats. Paper wallets, while not susceptible to cyber-attacks, carry the risk of being physically damaged or lost.”

Lian added that users holding large sums of cryptocurrencies could consider cold storage wallets as they are not connected to the internet and are less susceptible to hacking.

2. Pay Extra Attention to Your Passwords and Private Keys

Experts note that setting up a strong password is perhaps the first step in securing users’ cryptocurrency wallets.

According to Haven1’s Owens, some of the biggest mistakes crypto holders make when securing their wallets are weak passwords and the lack of two-factor authentication (2FA).

Additionally, users must also pay extra attention to where they store their private keys.

According to Alvin Kan, the COO of Bitget Wallet, keeping private keys offline as much as possible through hardware or paper wallets prevents hackers from gaining access to them via the internet.

Kan added:

“Pay attention to password security by creating complex and unique passwords, avoiding easily guessed combinations (e.g., birthdays, sequential numbers). Regularly change your passwords and avoid using the same password across multiple platforms. Consider enabling two-factor authentication (2FA) for an added layer of security.”

3. Store Passwords Offline

The more information users store online, the easier it is for hackers to get ahold of it, which is why going back to the old-fashioned pen-and-paper days could keep digital assets held in cryptocurrency wallets safe.

Haven1’s Ownes noted:

“In general, the more information you keep offline, the more secure it will be. If you don’t like the idea of paper, encrypted digital backup held on a physical device, like a USB, is also an option.”

Bitget Wallet’s Kan added that the backup process for hardware wallets often includes managing a recovery seed phase. For heightened security measures, it is recommended that users write the recovery seed phrase on paper and store it offline.

4. Regularly Update Software

Failing to update the firmware of hardware wallets is another issue that may leave certain users more susceptible to hacking attacks.

Updates often include bug fixes and stricter security measures, making them an integral part of securing your cryptocurrency wallet.

5. Be Wary of All Transactions

According to Chainalysis’ report, while scam revenue in 2023 was down, approval phishing scams became more prominent last year. In approval phishing, scammers trick users into signing a malicious blockchain transaction that gives the scammer access to the victim’s wallet.

The report highlighted that in 2023, approval phishing scammers stole $374.6 million from cryptocurrency wallets.

Value in $ stolen through approval phishing scams May 2021 – November 2023. Source: Chainalysis 

Haven1’s Ownes noted that it is important for users to double the destinations of transactions several times before approval.

“For example, even if the first and last digits of an address look right, it could be subject to a mirroring (or “address poisoning”) scam, where scammers trick users into sending funds to a fake address that closely resembles the real one. Last month, a crypto user lost $69 million worth of wrapped Bitcoin to such a scam.”

Additionally, Bitget Wallet’s Kan said users should handle links and file downloads with extra caution and always double-check website domains to avoid phishing sites disguised as official websites.

Future of Crypto Wallet Security

Advanced encryptionbiometric authentication, and smart contract integration are some of the first steps in emerging trends that aim to protect digital assets stored in wallets.

Lian noted that integrating biometric data for user authentication provides a more secure and personalized way for users to access their wallets. Meanwhile, using smart contracts to automate security protocols reduces the risk of human error, thus further boosting security measures.

Kan explained that Bitget Wallet is already implementing some new security measures, such as MPC and AA wallets that divide private keys into multiple parts or execute transactions automatically through smart contracts in order to offer users an extra degree of security.

He added that secure multiparty computation (SMPC) is another emerging trend that works to boost the security of cryptocurrency wallets by enabling multiple parties to jointly compute a function while keeping their own inputs private.

“Within the context of encrypted wallets, SMPC can facilitate secure distributed key generation and management functions without exposing individual keys to risks,” he explained.

The development of decentralized identity solutions (DID) also strives to make the authentication process more secure by letting users verify their identity without having to expose their personal information. Integrating DID into encrypted wallets can help prevent identity theft and fraud.

The Bottom Line

Despite a recent decline in crypto crimes, securing your cryptocurrency wallet remains crucial in ensuring your digital assets’ safety. New scams and hacking techniques continuously threaten individual users.

Key steps to enhance security include choosing the right wallet type, using strong passwords, enabling two-factor authentication, keeping private keys offline, and regularly updating software.

Additionally, as the industry evolves, new advancements in crypto wallet security offer more robust ways to safeguard investments, including the emergence of biometric authentication, secure multiparty computation (SMPC), and decentralized identity solutions.

 

Source: https://www.techopedia.com/how-to-secure-your-crypto-wallet

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author- “NFT: From Zero to Hero” and “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

www.anndy.com
j j j

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

Solana’s hack is one of the major events that happened this week. These are my additional comments.

According to a tweet on Solana account. “There is no evidence the Solana protocol or its cryptography was compromised.” I think we should not take this lightly. I would expect a full postmortem later this week to address to the attack.

The addresses that were affected by the attack were at one point created, imported or used in the Slope mobile applications. Private key information was also accidentally sent to an application monitoring service. I think a decentralized network should stay independent and operate purely by codes. This can help to reduce similar problems.

Whether it is a bridge exploit or supply chain attack, the root problem is still uncertain. I would suggest users to create a new wallet, move their funds over to the new wallet and delete the old ones. Users for the time being can also consider moving their funds to the more reputable centralized exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now.

I think the rest on the network should check on their codes and increase their security to prevent any other possible exploits that could happen. Never be too sure and let your guard down.

 

 

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

With reports indicating around 8,000 ‘hot’ wallets were compromised in the attack, experts advise investors to switch to hardware wallets for better security.

Close on the heels of cross-chain messaging platform Nomad being the target of a $200-million crypto heist, investors using ‘hot’ or internet-connected crypto wallets on the popular blockchain Solana were under attack from an unknown bad actor.

 

Over $8 million stolen from 8,000 investors

With crypto holdings worth over $8 million stolen from approximately 8,000 investors, this latest attack has raised many questions about the security offered by both the Solana network and ‘hot’ wallets that are quite popular with the average crypto investor.
While Solana’s official Twitter account was quick to clarify that the attack was not the result of any compromise in the network’s software, it added that its team of engineers is fervently working with security researchers and ecosystem teams to identify the root cause of this wallet hack.

Create new wallets, delete old ones

According to Anndy Lian, chief digital advisor to the Mongolian Productivity Organization, investors should not take these events lightly and should expect a complete analysis by the end of this week.

“While it is my opinion that a decentralised network should stay independent and operate purely by codes, I think the team at Solana should re-check all their partner systems and increase their security to prevent any other possible exploits. Investors ought to remain vigilant and take necessary precautions at their end,” he said.

“I would suggest users create a new wallet, move their funds over to the new wallet and delete the old ones. They can also consider moving their funds to the more reputable centralised exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now,” he added.

Preliminary investigations have revealed that this exploit was limited to just the Slope wallet on the Solana ecosystem, while hardware wallets used by Slope remained unscathed.

According to Solana, affected wallet addresses were at one point created, imported or used in Slope mobile wallet applications, and their private key information was transmitted to an application monitoring service.

 

Do not store private keys on computers

Commenting on the Solana network and the underlying sentiment, Lin, a senior analyst at Block Review, said according to his statistics, there were 10.5 percent negative sentiments for Solana in the last seven days, while Ethereum had around 6.2 percent and anything below 15 percent is still okay in his opinion.

“Coming back to the private keys that were compromised, I think any of this information should never be on any computer at any given time. This part should be taken care of and well audited by the wallet providers. Users, on the other hand, have to take extra care of their private keys and seed phrases,” Lin said.

Solana has already urged investors affected by the attack to abandon the affected wallets as they could still be compromised even after revoking wallet approvals.

While the exact modus operandi employed is still unknown, crypto industry leaders have highlighted that the suspect transactions were properly signed, further indicating that it could be a supply chain attack with a specific focus on Slope ‘hot’ wallet users.

 

Investors should opt for cold or hardware wallets   

Elaborating on how hackers can still steal from a compromised wallet, Raj Kapoor, founder of India Blockchain Alliance, said since private keys are stored in application and device wallets, hackers can access them and steal cryptocurrencies and that sums up the Solana hack.

“If your wallet has been compromised, it’s paramount that you transfer any existing funds from your compromised wallet to another wallet. Hackers will wipe your account of funds immediately, but if you’re lucky and they have not done this yet, it’s time for investors to take immediate action,” he added.

Since most hacks happen to hit “hot” wallets, investors should opt for cold or hardware wallets instead. While investors may need some of it online for transactions, they should keep what they need in the short term and store most of it offline.

A cold crypto wallet, which is similar in size to a USB device, holds a private key that can be used to access your funds. Investors can set their own private keys as well.

 

Use multi-factor authentication

Investors should also use multi-factor authentication (MFA) as this creates a layered defence on their account with independent credentials based on a password, security token, and/or biometrics.

Phishing is another danger and to prevent it, investors should never log in to their cryptocurrency exchange unless they are sure they are on the correct site.

 

Do not share information over texts, emails

Additionally, investors should not trust texts, emails or chats that ask for your personal information.

Avoiding public WiFi is also a great idea as is updating your software from time to time. Regularly changing the passwords is great as well. Change the password regularly and use a password manager like LastPass or 1Password.

 

‘Hot’ wallets are vulnerable

As Solana continues to work with Slope Finance in conjunction with their partners OtterSec and SlowMist to restore normalcy, this incident again serves to highlight the vulnerability of ‘hot’ wallets to cyberattacks, despite the faster transaction times offered by them.

Comprising the entire collection of web-based, mobile and desktop wallets available today, ‘hot’ wallets should be used in conjunction with ‘cold’ or hardware wallets to strike the perfect balance between speed, functionality and security.

For those actively trading in crypto tokens and other crypto assets, it is recommended to hold trading funds in a ‘hot’ wallet while the bulk of their crypto holdings remains secure in a ‘cold’ or hardware wallet.

Nearly impossible to hack hardware wallets

Since a user’s private keys never leave the device, stealing funds from a hardware wallet is an almost impossible task for malicious cyber entities. Ranging from 50 to a few hundred dollars, the security offered by these hardware wallets more than compensates for the one-time costs involved and is highly recommended for all crypto investors out there.

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author- “NFT: From Zero to Hero” and “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

www.anndy.com
j j j